53 matches found
CVE-2026-49269
Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app generates a fresh random...
PT-2026-51825
Name of the Vulnerable Software and Affected Versions Apple M1 GPUs affected versions not specified Description Apple M1 GPUs retain register file data between compute shader dispatches from different processes. This allows a sandboxed Metal attacker application to execute a GPU reader shader to...
MiracleLinux 8 : microcode_ctl-20200609-2.20201027.1.el8 (AXSA:2021-1384:02)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1384:02 advisory. hw: Information disclosure issue in Intel SGX via RAPL interface CVE-2020-8695 hw: Vector Register Leakage-Active CVE-2020-8696 hw: Fast forward sto...
CVE-2025-25176 GPU DDK - GPU Register value contents leaked from secure workloads to non-secure world
Intermediate register values of secure workloads can be exfiltrated in workloads scheduled from applications running in the non-secure environment of a platform...
CVE-2025-25176 GPU DDK - GPU Register value contents leaked from secure workloads to non-secure world
Intermediate register values of secure workloads can be exfiltrated in workloads scheduled from applications running in the non-secure environment of a platform...
The vulnerability of Intel microprogramming software, related to the leakage of information from vector registers, allows attackers to gain access to protected information.
The vulnerability of Intel microprogramming software is related to the leakage of information from vector registers. Exploiting this vulnerability can allow an attacker to gain access to protected information...
golang: runtime: unexpected behavior of setuid/setgid binaries
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state or assuming the status of standard I/O file descriptors. If a setuid/setgid binary is executed with standard I/...
DEBIAN-CVE-2023-29403
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I...
AZL-27121 CVE-2023-29403 affecting package msft-golang for versions less than 1.20.7-1
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I...
Incorrect Privilege Assignment
Overview std/runtime is a Go standard library package std/runtime Affected versions of this package are vulnerable to Incorrect Privilege Assignment. Go Vulnerability Report:On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be...
PT-2023-3108
Name of the Vulnerable Software and Affected Versions Go affected versions not specified Description The issue is related to the Go runtime not behaving differently when a binary is run with the setuid/setgid bits on Unix platforms. This can be dangerous in certain cases, such as when dumping...
hw: Vector Register Leakage-Active
A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...
hw: Vector Register Leakage-Active
A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...
RHEL 7 : microcode_ctl (RHSA-2021:3029)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3029 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543...
hw: Vector Register Leakage-Active
A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...
CentOS: Security Advisory for microcode_ctl (CESA-2021:3028)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
microcode_ctl security update
CentOS Errata and Security Advisory CESA-2021:3028 An update for microcodectl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
CentOS 7 : microcode_ctl (CESA-2021:3028)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:3028 advisory. - hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543 - hw: Vector Register Data Sampling CVE-2020-0548 - hw: L1D Cache Eviction Sampling...
RHEL 7 : microcode_ctl (RHSA-2021:3028)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3028 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543...
hw: Vector Register Leakage-Active
A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...